Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: sFg/Au+aB5caYzMDvy+A3pR81Id6N9yyF/DBxXOxw9A=
Subject key identifier: D0:8D:A9:7B:6A:5B:6E:E3:21:FA:55:46:C7:FF:32:5D:A5:1C:DC:42
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 68E6A4A0A9B30B178524CF7EE93BAAFCA3169552
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
Signing time: Tue 24 Feb 2026 23:24:32 +0000
ROA not before: Tue 24 Feb 2026 23:19:32 +0000
ROA not after: Tue 23 Feb 2027 23:24:32 +0000
asID: 42831
IP address blocks: 96.62.220.0/24 maxlen: 24
140.233.165.0/24 maxlen: 24
143.14.80.0/24 maxlen: 24
143.14.93.0/24 maxlen: 24
143.14.114.0/24 maxlen: 24
143.14.136.0/24 maxlen: 24
143.14.241.0/24 maxlen: 24
146.103.28.0/24 maxlen: 24
147.79.4.0/24 maxlen: 24
148.135.174.0/24 maxlen: 24
150.241.132.0/24 maxlen: 24
150.241.133.0/24 maxlen: 24
150.241.134.0/24 maxlen: 24
150.241.137.0/24 maxlen: 24
150.241.144.0/24 maxlen: 24
150.241.238.0/24 maxlen: 24
150.241.239.0/24 maxlen: 24
150.241.241.0/24 maxlen: 24
155.117.110.0/24 maxlen: 24
155.117.115.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.196.0/24 maxlen: 24
155.117.227.0/24 maxlen: 24
155.117.244.0/24 maxlen: 24
155.117.254.0/24 maxlen: 24
162.141.11.0/24 maxlen: 24
162.141.88.0/24 maxlen: 24
162.141.104.0/24 maxlen: 24
167.148.126.0/24 maxlen: 24
167.148.144.0/24 maxlen: 24
167.148.152.0/24 maxlen: 24
167.148.157.0/24 maxlen: 24
167.148.192.0/24 maxlen: 24
167.148.202.0/24 maxlen: 24
167.148.205.0/24 maxlen: 24
167.148.211.0/24 maxlen: 24
168.222.7.0/24 maxlen: 24
168.222.108.0/24 maxlen: 24
168.222.109.0/24 maxlen: 24
168.222.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:e6:a4:a0:a9:b3:0b:17:85:24:cf:7e:e9:3b:aa:fc:a3:16:95:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 24 23:19:32 2026 GMT
Not After : Feb 23 23:24:32 2027 GMT
Subject: CN=D08DA97B6A5B6EE321FA5546C7FF325DA51CDC42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d0:b5:54:b1:e8:d0:9a:b7:55:dc:37:26:14:
fb:4c:b1:50:d9:b3:0e:ae:1e:3f:8d:0a:87:d7:b6:
da:df:c9:97:e8:f0:d1:eb:39:fc:ba:3c:f3:8e:90:
d2:95:ef:24:b3:da:88:5c:e5:65:57:6b:a9:df:59:
89:4c:00:22:99:69:ce:5f:de:78:e8:a6:90:6c:41:
ea:8e:c4:71:ec:28:e9:ca:4f:37:d3:6e:12:99:d9:
40:e8:62:23:2c:e0:3c:83:27:37:55:2a:d4:05:4d:
a3:50:05:16:66:38:de:94:10:fb:a6:ac:1e:46:ef:
3a:9a:20:69:80:75:20:06:cd:45:09:5a:db:2f:a0:
fe:a2:7a:e3:3c:fd:d6:2b:f2:e3:ac:31:32:e1:cf:
bc:23:83:be:ce:9c:d5:03:ba:7e:30:b4:2e:23:78:
21:b8:00:c0:18:0b:35:65:a5:9c:c3:8f:50:60:e1:
88:34:19:86:1a:cf:5c:76:39:d0:28:11:fa:b3:9c:
cc:ff:21:a9:cb:ed:fb:89:cb:d9:f3:5b:3e:cf:be:
ea:ed:06:c0:03:1d:d0:eb:47:0d:e7:2b:7d:ac:71:
cb:de:6e:24:1d:84:6d:a6:ea:28:43:e7:41:46:a7:
32:fd:8d:74:65:d6:41:f0:b3:6b:03:3a:7b:cc:b1:
67:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:8D:A9:7B:6A:5B:6E:E3:21:FA:55:46:C7:FF:32:5D:A5:1C:DC:42
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.220.0/24
140.233.165.0/24
143.14.80.0/24
143.14.93.0/24
143.14.114.0/24
143.14.136.0/24
143.14.241.0/24
146.103.28.0/24
147.79.4.0/24
148.135.174.0/24
150.241.132.0-150.241.134.255
150.241.137.0/24
150.241.144.0/24
150.241.238.0/23
150.241.241.0/24
155.117.110.0/24
155.117.115.0/24
155.117.127.0/24
155.117.196.0/24
155.117.227.0/24
155.117.244.0/24
155.117.254.0/24
162.141.11.0/24
162.141.88.0/24
162.141.104.0/24
167.148.126.0/24
167.148.144.0/24
167.148.152.0/24
167.148.157.0/24
167.148.192.0/24
167.148.202.0/24
167.148.205.0/24
167.148.211.0/24
168.222.7.0/24
168.222.108.0-168.222.110.255
Signature Algorithm: sha256WithRSAEncryption
a2:e1:24:d1:8e:3a:e8:62:a5:cf:39:14:dc:69:f2:79:30:ba:
87:97:ed:2d:4b:49:57:f1:b3:7c:09:6c:14:80:16:eb:a4:64:
5d:ba:29:0a:0c:01:69:16:52:14:26:02:37:cf:66:92:03:c3:
55:5b:a1:44:90:20:85:8a:89:47:d2:2c:f6:24:40:66:45:45:
3c:5b:39:21:30:3c:34:77:b8:37:ad:50:cb:9a:c1:9b:c6:0c:
be:dd:71:58:49:be:92:8f:b0:80:cc:54:58:9a:bb:48:8e:e9:
09:68:16:9d:04:3e:58:7a:65:65:28:09:03:0b:43:5e:dd:b9:
dd:ea:48:f3:7f:04:44:92:5a:6d:9a:19:8d:4b:11:4d:59:b6:
77:39:3a:c9:08:0b:2f:d7:43:e6:05:11:d8:81:f2:50:fe:25:
b6:40:6f:e0:45:8c:79:a6:5a:d0:58:a4:74:40:49:19:5c:db:
82:e2:61:92:7c:7f:ff:9a:76:aa:c0:60:3b:04:a2:e4:ef:f4:
7c:3a:a2:2f:7d:45:6c:5c:b2:bd:14:d9:60:d9:2d:5a:33:87:
42:5f:b7:44:17:2b:5f:8d:c3:87:97:1d:a5:40:5d:69:e6:0e:
23:37:74:5b:1f:b5:b1:60:8a:c8:09:dd:28:9f:55:fb:33:0f:
d4:35:a6:a8
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIUaOakoKmzCxeFJM9+6Tuq/KMWlVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMjQyMzE5MzJaFw0yNzAyMjMyMzI0MzJaMDMxMTAvBgNV
BAMTKEQwOERBOTdCNkE1QjZFRTMyMUZBNTU0NkM3RkYzMjVEQTUxQ0RDNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS0LVUsejQmrdV3DcmFPtMsVDZ
sw6uHj+NCofXttrfyZfo8NHrOfy6PPOOkNKV7ySz2ohc5WVXa6nfWYlMACKZac5f
3njoppBsQeqOxHHsKOnKTzfTbhKZ2UDoYiMs4DyDJzdVKtQFTaNQBRZmON6UEPum
rB5G7zqaIGmAdSAGzUUJWtsvoP6ieuM8/dYr8uOsMTLhz7wjg77OnNUDun4wtC4j
eCG4AMAYCzVlpZzDj1Bg4Yg0GYYaz1x2OdAoEfqznMz/IanL7fuJy9nzWz7Pvurt
BsADHdDrRw3nK32sccvebiQdhG2m6ihD50FGpzL9jXRl1kHws2sDOnvMsWeFAgMB
AAGjggLqMIIC5jAdBgNVHQ4EFgQU0I2pe2pbbuMh+lVGx/8yXaUc3EIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgf8GCCsGAQUFBwEHAQH/BIHvMIHsMIHpBAIAATCB4gME
AGA+3AMEAIzppQMEAI8OUAMEAI8OXQMEAI8OcgMEAI8OiAMEAI8O8QMEAJJnHAME
AJNPBAMEAJSHrjAMAwQClvGEAwQAlvGGAwQAlvGJAwQAlvGQAwQBlvHuAwQAlvHx
AwQAm3VuAwQAm3VzAwQAm3V/AwQAm3XEAwQAm3XjAwQAm3X0AwQAm3X+AwQAoo0L
AwQAoo1YAwQAoo1oAwQAp5R+AwQAp5SQAwQAp5SYAwQAp5SdAwQAp5TAAwQAp5TK
AwQAp5TNAwQAp5TTAwQAqN4HMAwDBAKo3mwDBACo3m4wDQYJKoZIhvcNAQELBQAD
ggEBAKLhJNGOOuhipc85FNxp8nkwuoeX7S1LSVfxs3wJbBSAFuukZF26KQoMAWkW
UhQmAjfPZpIDw1VboUSQIIWKiUfSLPYkQGZFRTxbOSEwPDR3uDetUMuawZvGDL7d
cVhJvpKPsIDMVFiau0iO6QloFp0EPlh6ZWUoCQMLQ17dud3qSPN/BESSWm2aGY1L
EU1Ztnc5OskICy/XQ+YFEdiB8lD+JbZAb+BFjHmmWtBYpHRASRlc24LiYZJ8f/+a
dqrAYDsEouTv9Hw6oi99RWxcsr0U2WDZLVozh0Jft0QXK1+Nw4eXHaVAXWnmDiM3
dFsftbFgisgJ3SifVfszD9Q1pqg=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:58 2026 by rpki-client